Featured Slideshow

In a Dallas courtroom on Thursday, writer and activist Barrett Brown was sentenced to 63 months in prison and was ordered to pay a little more than $890,000 in restitution and fines, according to reports.

Featured Spotlight

For the security industry, the tide is shifting. Executives and boards are recognizing future ROI benefits in beefing up security when alerted to the potential of a three to five percent sales decline following a data breach.

Blueprints of Obama's Marine One helicopter leaked on P2P

The blueprints for President Obama's helicopter, Marine One, were downloaded from a peer-to-peer (P2P) network and onto a computer in Tehran, Iran, a file-sharing monitoring company has revealed.

Robert Boback, CEO of P2P monitoring company Tiversa, which discovered the leak, told SCMagazineUS.com Monday that the downloaded file contains a detailed analysis of the anti-missile defense mechanisms used on Marine One.

“Clearly the security measures of Marine One are classified,” Boback said. “The only reason this document wasn't marked classified is because it was in draft format.”

The file also contains communications between the U.S. Department of Defense (DoD) and the Navy regarding the upgrade of the avionics and computer packages of Marine One, he said. Additionally, the file contains the general design of the helicopter and information on the wiring and the inner workings of its computer system.

The file was originally found by Tiversa in the fall of 2008. It was inadvertently leaked by a military defense contractor based in Bethesda, Md., Boback said. One of its employee's computer systems was running a file-sharing program linking the sensitive information about Marine One.

P2P networks most commonly are used for music sharing, but some people don't realize that once a P2P network is downloaded, it opens up a user's hard drive to others, he said.

“It depends on the [P2P] program, but most of the programs index all of the content on the user's hard drive,” Boback said.

When the documents were discovered in the fall of 2008, Tiversa worked with the DoD and the White House to get the file taken down and analyzed. But on Feb. 25, during regular monitoring, Tiversa discovered the same file being hosted by an Iranian IP address.

This means that someone in Iran downloaded the file off the P2P network while it was still available, and is now hosting it from their IP address in Iran, Boback said. Because Iran typically does not respect IP takedown notices, the file remains on the P2P network.

“Once it's in another jurisdiction, such as Iran, there's not much that we can do,” Boback said.

“Corporations think they've got it under control, but when people go home and plug in USB drives and work out of hotel rooms there's no control over what gets loaded on that hard drive,” Litan said. “If people aren't careful, their whole hard drive is exposed.”

In early February, Dartmouth College business professor Eric Johnson released a report that detailed the findings of a two-week study monitoring P2P networks for sensitive health-care documents. In all, researchers found hundreds of documents revealing sensitive information on tens of thousands of patients.

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.